Paramètres d'affichage

Choisissez un thème pour personnaliser l'apparence du site.

Nmap

Scan Summary :

B

severityservicevulnerability

info

http (port:80)

info

http (port:443)

info

http (port:8080)

info

http (port:8443)
Consulter le rapport détaillé

Mozilla HTTP observatory5 mois

Scan Summary :

F

ImpactDescriptionDocumentation

-50

Subresource Integrity (SRI) not implemented, and external scripts are loaded over HTTP or use protocol-relative URLs via src="//..."Doc Subresource Integrity.

-20

Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.Doc Content Security Policy. L'extension github.com/april/laboratory permet de générer la CSP pour votre application.

-20

Cookies set without using the Secure flag or set over HTTPOWASP Session Management Cheat Sheet.

-10

HTTP Strict Transport Security (HSTS) header set to less than six months (15768000)Doc header Strict-Transport-Security (HSTS).

Rapport détaillé

SSL

Scan Summary :

F


Grade capped to A. HSTS max-age is too short


Expiration : 13/06/2024

Rapport détaillé

Nuclei5 mois

SéveritéNameMatcher

unknown

Credentials Disclosure Checkcredentials-disclosure

info

DNS SaaS Service Detectiondns-saas-service-detection

info

CAA Recordcaa-fingerprint

info

DOM EventListener - Cross-Site Scriptingaddeventlistener-detect

info

XSS-Protection Header - Cross-Site Scriptingxss-deprecated-header

info

Form Detectionform-detection

info

HTTP Missing Security Headerspermissions-policy

info

HTTP Missing Security Headersreferrer-policy

info

HTTP Missing Security Headersclear-site-data

info

HTTP Missing Security Headerscross-origin-embedder-policy

info

HTTP Missing Security Headerscross-origin-opener-policy

info

HTTP Missing Security Headerscross-origin-resource-policy

info

Wappalyzer Technology Detectiongoogle-tag-manager

info

Wappalyzer Technology Detectioncloudflare

info

robots.txt endpoint proberrobots-txt-endpoint

info

robots.txt filerobots-txt

info

Sitemap Detectionsitemap-detect

info

Missing Subresource Integritymissing-sri

info

WAF Detectioncloudfront

info

WAF Detectioncloudflare

info

Detect SSL Certificate Issuerssl-issuer

info

SSL DNS Namesssl-dns-names

info

TLS Version - Detecttls-version

info

TLS Version - Detecttls-version